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DETAILED ACTION 

1. This Office Action is in response to Applicant's Application Serial No. 10/809,551 
filed on 3/25/2004. Claims 1-20 are pending for examination. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 3/25/2004 and 
8/24/2005 has been considered by the Examiner. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claim 1 and 13 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

With respect to clams 1 and 13, the claims recite "perform authorization with the 
secondary grid resource". 

It is unclear which device, the primary resource machine or other device, is 
performing the authorization. 

In the Specification, for example, the Summary of Invention, Applicants disclose 
"[r]esponsive the proxy certificate, the user machine performs an authorization job on 
the secondary resource machine". For this reason, Examiner interprets the claimed 
limitation intended to be performed by the user machine (or other device). 
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With respect to claims 2 and 14, the claims recite "if authorization with the grid 
resource fails, generating a valid proxy certificate and sending the valid proxy certificate 
to the primary grid resource" (claim 2) and "means for generating a valid proxy 
certificate and sending the valid proxy certificate to the primary grid resource if 
authorization with the grid resource fails; and sending the valid proxy certificate to the 
primary grid resource" (claim 14). 

It is unclear which grid resource (primary or secondary) is Applicants intended to 
reference to. Furthermore, It is not logical to generate and send a valid proxy certificate 
if the authorization with the grid resource fails 

In the Specification, for example, the Summary of Invention, Applicant discloses 
"if the authorization with the secondary resource machine is not successful, the user 
machine generates and returns an invalid proxy certificate". For this reason, Examiner 
interprets the claimed limitation intended to recite "if authorization with the second grid 
resource fails, generating an invalid proxy certificate; and sending the invalid proxy 
certificate to the primary grid resource. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-4, 6-8, 12-16 and 18-20 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Low, M.R. et al., "A Self Authenticating Proxies", 1994, The Computer 
Journal, Vol. 37, No. 5, hereinafter Low). 

With respect to claims 1,13 and 20, Low discloses a method, apparatus and a 
computer program product for authorizing offloading of a grid job in a grid computing 
system, the method comprising: 

submitting a grid job to a primary grid resource; responsive to a certificate 
request from the primary grid resource, identifying a secondary grid resource that is to 
run the grid job; performing authorization with the secondary grid resource; and if 
authorization with the grid resource fails, generating an invalid proxy certificate and 
sending the invalid proxy certificate to the primary grid resource (e.g. Introduction and 5. 
Delegation of Authority, e.g. "The notion of cascading SAProxies to delegate authority 
may also be applied to represent combined authority to request an operation... this can 
be represented by a request from one that is endorsed by the other") 

With respect to claims 2 and 14, Low further discloses: 
if authorization with the grid resource fails, generating an invalid proxy 
certificate; and sending the invalid proxy certificate to the primary grid resource (e.g. 5. 
Delegation of Authority, e.g. this can be represented by a request from one that is 
endorsed by the other") 
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With respect to claims 3 and 15, Low further discloses wherein submitting a grid 
job to a primary grid resource includes submitting the grid job to a grid scheduler, 
wherein the grid scheduler selects a primary grid resource and sends the grid job to the 
primary grid resource (5. Delegation of Authority, e.g. delegation of "work load"). 

With respect to claims 4 and 16 , Low further discloses wherein identifying a 
secondary grid resource that is to run the grid job includes submitting a query grid job to 
the primary grid resource inquiring about an identity of the secondary resource (5. 
Delegation of Authority, e.g. 5. Delegation of Authority, e.g. "The notion of cascading 
SAProxies to delegate authority may also be applied to represent combined authority to 
request an operation... this can be represented by a request from one that is endorsed 
by the other") 

With respect to claims 6 and 18, Low further discloses wherein performing 
authorization with the secondary grid resource includes submitting an authorization job 
to the secondary grid resource (5. Delegation of Authority, e.g. "delegate some of its 
workload to his junior"). 

With respect to claims 7 and 19, Low further discloses wherein the authorization 
job identifies security elements of the secondary resource (5. Delegation of Authority, 
e.g. signature (sig.)) . 
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With respect to claim 8, Low further discloses wherein the authorization job 
determines at least one of an operating system of the secondary grid resource, security 
updates installed on the secondary grid resource, whether the secondary resource has 
a trusted operating system, whether any conflicting grid jobs are running on the 
secondary grid resource (e.g. Abstract, "...enabling principals to define and enforce 
their own protection requirement") . 

With respect to claim 12, Low further discloses the method of claim 1 , wherein 
performing authorization with the secondary grid resource includes performing 
authorization with the secondary grid resource using one or more rules (e.g. Abstract, 
"...enabling principals to define and enforce their own protection requirement"). 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 5,9-11 and 17 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Low, M.R., "A Self Authenticating Proxies", 1994, The Computer 

Journal, Vol. 37, No. 5) in view of Braddy (U.S. Patent No. 6,304,967). 
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With respect to claims 5 and 17, Low further discloses wherein identifying a 
secondary grid resource in the certificate request that is to run the grid job (5. 
Delegation of Authority, e.g. service or principle). Low does not disclose but Braddy 
discloses detecting the secondary resource machine by identity its address (Braddy, 
e.g. col. 10, lines 9-16, "information that identify application server... communication port 
address"). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to incorporate the teaching of Braddy's identifying a device by its 
port address with Low's teaching of identifying a second grid resource device in the 
certificate request to ensure the remote computer system (secondary resource) is 
connected to the Request Broker (primary resource) (Braddy, col. 10, lines 9-12). 

With respect to claim 9, Low does not disclose but Braddy discloses wherein the 
authorization job determines whether a given command is disabled on the secondary 
grid resource (Braddy, e.g. col. 10, lines 15, "whether the Application Server is enabled 
or disabled"). It would have been obvious to one of ordinary skill in the art at the time 
the invention was made to implement determination of a given command is disabled on 
the secondary grid resource taught by Braddy with performing authentication of 
secondary grid resource taught by Low to determine whether the Application Server is 
in connection with the Request Broker (Braddy, col. 10, lines 9-12). 
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With respect to claims 10 and 1 1 , Low discloses performing authorization with 
the secondary grid resource but does not disclose but Braddy discloses selection of 
secondary grid resource includes determining whether the secondary grid resource is 
included in a black list or white list (Braddy, e.g. col. 6, lines 35-47, e.g. "distribute the 
request to one of the secondary server computer systems capable of processing the 
request"; col. 10, e.g. "Directory mapping"). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to implement the selection 
process of Braddy with authentication process of secondary grid resource taught by 
Low to ensure the application server is capable of handling the request (e.g. Braddy, 
col. 6, lines 55-59). 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicants disclosure. 

-EP 1 282 289 A2 by Yeager discloses mechanism for trusted relationship in 
decentralized neworks including peer-to-peer platforms. 

-Low M.R. et al., disclose in "A joint Authorization Schemes" situations where 
more than one principal needs to give authorization so that a single function can take 
place. 

-Yeager et al. disclose distributed trust mechanism for decentralized networks. 
-Ehrsam et al. disclose a cryptographic communication security for multiple 
domain networks. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tongoc Tran whose telephone number is (571) 272- 
3843. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Sen/ice Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Tongoc Tran/ 
January 23, 2008 



